[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sylpheed
Subject:    [sylpheed:24429] [SECURITY] Sylpheed 1.0.4 (stable) released
From:       Hiroyuki Yamamoto <hiro-y () kcn ! ne ! jp>
Date:       2005-03-24 9:31:40
Message-ID: 20050324183140.75b20c1d.hiro-y () kcn ! ne ! jp
[Download RAW message or body]


Hello,

I've made an urgent release of 1.0.4, since a buffer overflow bug,
similar to the one which was fixed at 1.0.3, was found in another part.

This vulnerability exists in the version from 0.8.0 to 1.0.3, and from
1.9.0 to 1.9.4, so be sure to upgrade. 1.9.5 and 1.9.6 don't have the
problem.

Also, the previously found vulnerability exists in from 0.8.0 to 1.0.2,
and from 1.9.0 to 1.9.4, and it doesn't exist in the version before
0.8.0.

Changes:

    * A buffer overflow which occurred when displaying a message with
      attachments which have MIME-encoded filenames was fixed.
    * A possible crash on re-edit of messages was fixed.

--=20
Hiroyuki Yamamoto <hiro-y@kcn.ne.jp>

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]